127 Security Blogs

Last Updated: 02 Apr 25 11:14 UTC

Blog List | Github | OPML

2025-04-02

Schneier on Security
Rational Astrologies and Security

Dark Reading
Malaysian Airport's Cyber Disruption a Warning for Asia


2025-04-01

Fastly
#hugops for vibe coders

Schneier on Security
Cell Phone OPSEC for Border Crossings

Malwarebytes
Intimate images from kink and LGBTQ+ dating apps left exposed online

Malwarebytes
“Urgent reminder” tax scam wants to phish your Microsoft credentials

Cloudflare
“You get Instant Purge, and you get Instant Purge!” — all purge methods now available to all customers

Github Security Blog
GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help

Auth0
March 2025 Updates: What’s New in Auth0 (Developer Edition)

Microsoft Security
Transforming public sector security operations in the AI era

Datadog HQ
Achieve PCI DSS v4.0.1 compliance with Datadog

Datadog HQ
Simplify multi-cloud cost management with FOCUS and Datadog

Datadog HQ
This Month in Datadog - March 2025

Rapid7
A New Approach to Managing Vulnerabilities is Required - Work Smarter not Harder with Rapid7 Remediation Hub

Rapid7
What’s New in Rapid7 Products & Services: Q1 2025 in Review

SpiderLabs
Babuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’

Snyk
Get Off My Lawn and Fix Your Vulnerabilities!

Snyk
Q&A Session with Snyk & John Hammond: Your Fetch the Flag Questions, Answered

Elastic Security Labs
Outlaw Linux Malware: Persistent, Unsophisticated, and Surprisingly Effective

Hunt and Hackett
The Evolving Threat of OT: Do You Know Your Weak Spots?

Mozilla Security
Updated GPG key for signing Firefox Releases

The Citizen Lab
Gender-Based Digital Transnational Repression and the Authoritarian Targeting of Women in the Diaspora

ReversingLabs
OpenSSF guidelines encourage OSS developers to build securely

Dark Reading
Google Brings End-to-End Encryption to Gmail

Dark Reading
Surge in Scans on PAN GlobalProtect VPNs Hints at Attacks

Dark Reading
As CISA Downsizes, Where Can Enterprises Get Support?

Dark Reading
Japan Bolsters Cybersecurity Safeguards With Cyber Defense Bill

Dark Reading
Check Point Disputes Hacker's Breach Claims

Dark Reading
FDA's Critical Role in Keeping Medical Devices Secure

Dark Reading
Google 'ImageRunner' Bug Enabled Privilege Escalation

Dark Reading
Lazarus APT Jumps on ClickFix Bandwagon in Recent Attacks

Palo Alto Networks
Platformization Maximizes Security Efficacy & IT Operations Efficiency

TrustedSec
CUI For the Rest of Us: The New Government-Wide CUI Protection Contract Clause

Compass Security Blog
I wannabe Red Team Operator


2025-03-31

Schneier on Security
The Signal Chat Leak and the NSA

Malwarebytes
Why we’re no longer doing April Fools’ Day 

Malwarebytes
A week in security (March 24 – March 30)

Microsoft Security
Analyzing open-source bootloaders: Finding vulnerabilities faster with AI

Microsoft Security
New innovations in Microsoft Purview for protected, AI-ready data

Datadog HQ
Enrich your existing Datadog telemetry with custom metadata using Reference Tables

Datadog HQ
Monitor the performance of queues and topics with Azure Service Bus

Datadog HQ
Remediate Kubernetes incidents faster using private actions in your apps and workflows

Rapid7
Seeing is Securing: MDR VALUE at-a-glance with the Detection and Response Dashboard

Kevin Beaumont
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service

Moonlock
Why does my search keep switching to Yahoo, and what is the Yahoo virus?

White Knight Labs
Windows Kernel Buffer Overflow

Meta Security
Mobile GraphQL at Meta in 2025

Dark Reading
Oracle Cloud Users Urged to Take Action

Dark Reading
CoffeeLoader Malware Is Stacked With Vicious Evasion Tricks

Dark Reading
Top 10 Most-Used RDP Passwords Are Not Complex Enough

Dark Reading
DoJ Seizes Over $8M From Sprawling Pig Butchering Scheme

Dark Reading
CISA Warns of Resurge Malware Connected to Ivanti Vuln

Dark Reading
Trend Micro Open Sources AI Tool Cybertron

Dark Reading
Bridging the Gap Between the CISO & the Board of Directors

Dark Reading
Qakbot Resurfaces in Fresh Wave of ClickFix Attacks

Bishop Fox Security
Epic Fails and Heist Tales: A Red Teamer’s Journey to Deadwood

Krebs on Security
How Each Pillar of the 1st Amendment is Under Attack


2025-03-30

Troy Hunt
Weekly Update 445

Ars Technica Security
FBI raids home of prominent computer scientist who has gone incommunicado


2025-03-28

Fastly
Making the Internet Sustainable— Starting from Its Infrastructure

Schneier on Security
Friday Squid Blogging: Squid Werewolf Hacking Group

Schneier on Security
AIs as Trusted Third Parties

Malwarebytes
Vulnerability in most browsers abused in targeted attacks

SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 13

Rapid7
Metasploit Wrap-Up 03/28/2025

Rapid7
Overcoming the Challenges of Vulnerability Remediation

Hay Mizrachi
Hunting 12 Zero Days in Popular WooCommerce Plugins - A Research Journey

MalwareTech
The US Needs A New Cybersecurity Strategy: More Offensive Cyber Operations Isn't It

Moonlock
Has your Gmail been hacked? Here’s how to tell and how to recover your account

Moonlock
New phishing attack convinces users their Mac is locked

Moonlock
What is the Bing redirect virus, and how do you remove Google redirects to Bing?

Amazon Security
AWS continues to support government cloud security and shape FedRAMP’s evolution toward automated compliance

Ars Technica Security
Oracle has reportedly suffered 2 separate breaches exposing thousands of customers‘ PII

Ars Technica Security
Gemini hackers can deliver more potent attacks with a helping hand from… Gemini

Dark Reading
GSA Plans FedRAMP Revamp

Dark Reading
Evilginx Tool (Still) Bypasses MFA

Dark Reading
Oracle Still Denies Breach as Researchers Persist

Dark Reading
Harmonic Security Raises $17.5M Series A to Accelerate Zero-Touch Data Protection to Market

Dark Reading
Traditional Data Loss Prevention Solutions Are Not Working for Most Organizations

Dark Reading
SecurityScorecard 2025 Global Third-Party Breach Report Reveals Surge in Vendor-Driven Attacks

Dark Reading
Malaysia PM Refuses to Pay $10M Ransomware Demand

Dark Reading
Concord Orthopaedic Notifies Individuals of Security Incident

Dark Reading
Navigating Cyber-Risks and New Defenses

Dark Reading
Iran's MOIS-Linked APT34 Spies on Allies Iraq & Yemen

Palo Alto Networks
Addressing Federal Cybersecurity Challenges in the Cloud Era

TrustedSec
MCP: An Introduction to Agentic Op Support

Searchlight Cyber
Russian Zero-Day Seller Offers $4m For Exploits in Telegram


2025-03-27

Schneier on Security
A Taxonomy of Adversarial Machine Learning Attacks and Mitigations

Malwarebytes
“This fraud destroyed my life.” Man ends up with criminal record after ID was stolen

Malwarebytes
Moving from WhatsApp to Signal: A good idea?

Cloudflare
Three chapters at Cloudflare: Programmer to CTO to Board of Directors

SentinelOne
GPU Device Plugins | Unveiling Risks in Kubernetes Workloads

Microsoft Security
US Department of Labor’s journey to Zero Trust security with Microsoft Entra ID

Datadog HQ
Increase visibility into your infrastructure processes with Process Tag Rules

Rapid7
Unpacking a post-compromise breach simulation with Vector Command

Snyk
Governance in DevSecOps: Measuring and Improving Security Outcomes

Moonlock
Secret US war plans leaked in a Signal group chat by accident

Moonlock
How to scan Chrome for viruses and remove them permanently

ReversingLabs
AI coding tools weaponized: What your AppSec team needs to know

Dark Reading
Hoff's Rule: People First

Dark Reading
How CISA Cuts Impact Election Security

Dark Reading
OpenAI Bumps Up Bug Bounty Reward to $100K in Security Update

Dark Reading
DoJ Recovers $5M Lost in BEC Fraud Against Workers' Union

Dark Reading
Student-Powered SOCs Train Security's Next Generation

Dark Reading
Fake DeepSeek Ads Spread Malware to Google Users

Dark Reading
High-Severity Cloud Security Alerts Tripled in 2024

Google Security Blog
New security requirements adopted by HTTPS certificate industry

Zero Day Initiative
MindshaRE: Using Binary Ninja API to Detect Potential Use-After-Free Vulnerabilities

Krebs on Security
When Getting Phished Puts You in Mortal Danger

Palo Alto Networks
Is Your Browser Ground Zero for Cyberattacks?

TrustedSec
Getting the Most Out of Your API Security Assessment

Eclypsium
Juniper Routers, Network Devices Targeted with Custom Backdoors


2025-03-26

Malwarebytes
Security expert Troy Hunt hit by phishing attack

Rapid7
Rapid7 Earns 5-Star Rating in the 2025 CRN® Partner Program Guide

Rapid7
Inside the Mind of the Attacker: A Conversation with Raj Samani

SpiderLabs
2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures

Amazon Security
Enhancing cloud security in AI/ML: The little pickle story

Amazon Security
Winter 2024 SOC 1 report is now available with 183 services in scope

Amazon Security
Effectively implementing resource control policies in a multi-account environment

ReversingLabs
Malware found on npm infecting local package with reverse shell

Dark Reading
Security Expert Troy Hunt Lured in by Mailchimp Phish

Dark Reading
Cybersecurity Gaps Leave Doors Wide Open

Dark Reading
Beyond STIX: Next-Level Cyber-Threat Intelligence

Dark Reading
'Lucid' Phishing-as-a-Service Exploits Faults in iMessage, Android RCS

Dark Reading
New Testing Framework Helps Evaluate Sandboxes

Dark Reading
Google Hastily Patches Chrome Zero-Day Exploited by APT

Mend
Introducing the Mend.io Value Dashboard: Measure and Showcase Your Security Impact

Google Security Blog
Titan Security Keys now available in more countries